Writing local stack overflows on Solaris SPARC.
1178fffed1c888d3076dac7a5c02c32cb12d80ea6e89eb2c63ef61178491c43f
wireless_tools: The Guide to the Goods.
6aeb4992d1be4aeb2a07fd8f9e1eb5b87ffd0257a73c68846a10161a9979915d
Whitepaper discussing the remote exploitation of format string bugs.
e56ac2e283600d4cc1b61d33886eb76a7532991e7f0d2394cec3fa119c1c9887
A small whitepaper discussing code auditing in C.
11fb1c5a2417f1cd02c72bad9316aff637575f8a2d814bd9c9c5aa3d3fff2ca7
Whitepaper: Oracle Forensics Part 5 - Finding Evidence of Data Theft in the Absence of Auditing.
05f964f5538507637f62883278dca0fbb358534be66e7a889e548211d48bc52c
Dissection of an Oracle Attack in the Absence of Auditing. Presentation slides from Black Hat 2007 as presented by David Litchfield.
ea0db6b1c967296d75373f0bddcdec3b52590bea40c28dd773a626143ccc0a39
Whitepaper discussing cross site request timing attacks. This was originally presented at Black Hat 2007 and Defcon 15.
88fce15c0a9ed8dc4bc6ad55deb64e3a3b97add18472559f9a0f7481f2f6d3d2
squeeza is a tool that helps exploit SQL injection vulnerabilities in broken web applications. Its functionality is split into creating data on the database (by executing commands, copying in files, issuing new SQL queries) and extracting that data through various channels (DNS, timing, HTTP error messages).
ed5de3ae05d77b7285523cc1c34484c73029565ace873988605f4b640b76d635
A write up that discusses buffer overflows in Windows Extended file attributes. Includes some exploits.
8e4c9ac85d956e95c45456c212760ccccf702140501b1ca9dca0001515bf9310
Zyxel Zywall 2 suffers from persistent cross site scripting, cross site request forgery, and persistent denial of service vulnerabilities.
8059f7f3aaa91ace28d4deb5fd4951ae7e4f2a72fd9b0c7aa41f4be8a1b816a7
Joomla CMS version 1.0.12 suffers from a session fixation issue in the backend administration interface.
2e91e828f738a8734a04193a718556a5e9599a70061f57213f41d7f7fd60b5a0
Harmony Security Advisory - Qbik's WinGate versions below 6.2.2 suffer from a remote denial of service vulnerability.
01bc3078c7944cbe079a4848b79ed8258c76fb99bef205db3e3b00b3fe9bca9e
Mandriva Linux Security Advisory - An off-by-one buffer overflow in the parse_elements function in the 802.11 printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service (crash) via a crafted 802.11 frame.
3bfb6fa240f257ac8f3808201d1287f91d9ddcd0624dfa025e3af23cf4e78763
GNU SASL is an implementation of the Simple Authentication and Security Layer framework and a few common SASL mechanisms. SASL is used by network servers such as IMAP and SMTP to request authentication from clients, and in clients to authenticate against servers. The library includes support for the SASL framework (with authentication functions and application data privacy and integrity functions) and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, NTLM, and KERBEROS_V5 mechanisms.
cf3c90a0998808f2d78beb81743097e2c2cda7a59c8094078e56b81d205c1a7b
Mandriva Linux Security Advisory - A format string vulnerability in the errors_create_window function in errors.c in xine-ui allows attackers to execute arbitrary code via unknown vectors. XINE 0.99.4 allows user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a certain M3U file that contains a long #EXTINF line and contains format string specifiers in an invalid udp:// URI, possibly a variant of CVE-2007-0017.
b32a09c07674b6009d0ea70a041224cbaafa1d364f22b570b4ee694400246ae5
SSHatter is a remote brute force utility that attempts every password from a given list against a target.
f36698575e0aefc1ed0903dc22c54cd9ffdeb171aa4341ea9cc93b770555d3ad
Tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that match a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor network activity. Requires Libpcap.
09f1daece22a3555f1ca1f9779caf36357cc8d5b9ad1964606093c7e884e0da4
Microsoft DXMedia SDK6 "SourceUrl" ActiveX remote code execution exploit.
8440922a3a5e7b87aaf529b1f60ac8a8c3362ddc802ba0be6e2692afabf1b754
Pixlie version 1.7 suffers from a remote file inclusion vulnerability in pixlie.php.
26ea74cb61d1341d7b4eb4b01ac2598bb9f382ba7243c70fde73c3ed446f41b2
PHP Blue Dragon CMS version 3.0.0 remote code execution exploit.
a6e9774d64ae1264794ea557cead8acc0b27f5c18eeb9ede94dd142863038c1f
PHP Blue Dragon CMS version 3.0.0 suffers from a remote file inclusion vulnerability.
8556f93708d92f2f398506f2c002feef4007d93288baee7d1c1ee527dca20dfe
PHP Blue Dragon CMS version 3.0.0 remote SQL injection exploit.
53929a6a61595da3fdbb24907caea889d4ad4f19531f58276e306e796172f79d
Shoutbox version 1.0 suffers from a remote file inclusion vulnerability.
5edde50fdd8acd276fdb857951a1639703b2b2120b0ae92b6718d88686403e0f
File Uploader version 1.1 suffers from a remote file inclusion vulnerability.
207313b9c2a2c69e1b5c5c02e17a2a4a3249f50ffb1d7888b684b0f003769c47
Web News version 1.1 suffers from a remote file inclusion vulnerability.
b0c9456456ade7c978dcdb359844169642acc4310176d9f9b22009226bfb231b